oauth2 fixes (#5259)

This commit is contained in:
naman-bruno
2025-08-19 11:17:39 +05:30
committed by GitHub
parent ce0fc08500
commit b804ff6dfd

View File

@@ -259,15 +259,13 @@ const getOAuth2TokenUsingAuthorizationCode = async ({ request, collectionUid, fo
redirect_uri: callbackUrl, redirect_uri: callbackUrl,
client_id: clientId, client_id: clientId,
}; };
if (clientSecret && credentialsPlacement !== "basic_auth_header") { if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret; data.client_secret = clientSecret;
} }
if (pkce) { if (pkce) {
data['code_verifier'] = codeVerifier; data['code_verifier'] = codeVerifier;
} }
if (scope && scope.trim() !== '') {
data.scope = scope;
}
axiosRequestConfig.data = qs.stringify(data); axiosRequestConfig.data = qs.stringify(data);
axiosRequestConfig.url = url; axiosRequestConfig.url = url;
axiosRequestConfig.responseType = 'arraybuffer'; axiosRequestConfig.responseType = 'arraybuffer';
@@ -360,15 +358,6 @@ const getOAuth2TokenUsingClientCredentials = async ({ request, collectionUid, fo
}; };
} }
if (!clientSecret) {
return {
error: 'Client Secret is required for OAuth2 client credentials flow',
credentials: null,
url,
credentialsId
};
}
if (!forceFetch) { if (!forceFetch) {
const storedCredentials = getStoredOauth2Credentials({ collectionUid, url, credentialsId }); const storedCredentials = getStoredOauth2Credentials({ collectionUid, url, credentialsId });
@@ -427,14 +416,14 @@ const getOAuth2TokenUsingClientCredentials = async ({ request, collectionUid, fo
'content-type': 'application/x-www-form-urlencoded', 'content-type': 'application/x-www-form-urlencoded',
'Accept': 'application/json', 'Accept': 'application/json',
}; };
if (credentialsPlacement === "basic_auth_header") { if (credentialsPlacement === "basic_auth_header" && clientSecret && clientSecret.trim() !== '') {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`; axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`;
} }
const data = { const data = {
grant_type: 'client_credentials', grant_type: 'client_credentials',
client_id: clientId, client_id: clientId,
}; };
if (clientSecret && credentialsPlacement !== "basic_auth_header") { if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret; data.client_secret = clientSecret;
} }
if (scope && scope.trim() !== '') { if (scope && scope.trim() !== '') {
@@ -568,7 +557,7 @@ const getOAuth2TokenUsingPasswordCredentials = async ({ request, collectionUid,
'content-type': 'application/x-www-form-urlencoded', 'content-type': 'application/x-www-form-urlencoded',
'Accept': 'application/json', 'Accept': 'application/json',
}; };
if (credentialsPlacement === "basic_auth_header") { if (credentialsPlacement === "basic_auth_header" && clientSecret && clientSecret.trim() !== '') {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`; axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`;
} }
const data = { const data = {
@@ -577,7 +566,7 @@ const getOAuth2TokenUsingPasswordCredentials = async ({ request, collectionUid,
password, password,
client_id: clientId, client_id: clientId,
}; };
if (clientSecret && credentialsPlacement !== "basic_auth_header") { if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret; data.client_secret = clientSecret;
} }
if (scope && scope.trim() !== '') { if (scope && scope.trim() !== '') {
@@ -613,7 +602,7 @@ const refreshOauth2Token = async ({ requestCopy, collectionUid, certsAndProxyCon
client_id: clientId, client_id: clientId,
refresh_token: credentials.refresh_token, refresh_token: credentials.refresh_token,
}; };
if (clientSecret) { if (clientSecret && clientSecret.trim() !== '') {
data.client_secret = clientSecret; data.client_secret = clientSecret;
} }
let axiosRequestConfig = {}; let axiosRequestConfig = {};